Todo #881
closed
Passive FTP over pfsense
0%
Description
Here the out-of-date information: http://doc.pfsense.org/index.php/Howto_setup_ftp_server_behind_pfsense
How to force to work passive FTP from LAN to WAN.
In current snapshot passive ftp doesn't work.
$ ftp 93.158.155.195 Connected to 93.158.155.195. 220 Welcome to Yandex FTP service (sower.yandex.ru). Name (93.158.155.195:mike): ftp 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> dir 200 PORT command successful. Consider using PASV. 150 Here comes the directory listing. -rw-r--r-- 1 ftp ftp 263 Aug 13 06:04 HEADER.txt drwxr-xr-x 12 ftp ftp 4096 Oct 27 2009 altlinux drwxr-sr-x 15 ftp ftp 4096 Apr 08 09:54 altlinux-beta ... 226 Directory send OK. ftp> passive Passive mode on. ftp> dir 227 Entering Passive Mode (93,158,155,195,219,180) ftp: connect: Connection timed out
In revision 049a688e5daac240b2651bbd2cc178612741d23a removed all ftp-helper programs.. why?
Updated by Jesse Norell over 13 years ago
Mike, do you have floating firewall rules in use? See issue #863.
I just updated to 2.0-BETA4 (i386) built on Tue Sep 7 23:11:08 EDT 2010 (latest) and tested LAN->WAN ftp connection, both passive and active mode worked fine without floating rules in use - with floating rules, the passive mode connection worked, the active mode failed (different than what you're reporting). This is the flip side of issue #863, where passive fails for a WAN->LAN connection with floating rules in use.
The ftp helper was removed because it's handled in the kernel now.
Updated by Jonathan Puddle over 13 years ago
I'm seeing the same thing as Mike using 2.0-BETA4 (i386) built on Mon Sep 6 22:04:59 EDT 2010. Though passive FTP was definitely working for us up until this weekend, perhaps there was a regression of some sort?
Updated by Jonathan Puddle over 13 years ago
We're not using any floating rules, btw. Just trying to allow our users on LAN to access FTP on WAN. Active FTP is fine.
Updated by Ermal Luçi over 13 years ago
Try latest snapshot should be working ok.
Updated by Jonathan Puddle over 13 years ago
We're still seeing the exact same behaviour (Active FTP works fine, Passive doesn't work) on this snapshot:
2.0-BETA4 (i386)
built on Thu Sep 9 19:39:18 EDT 2010
FreeBSD 8.1-RELEASE
Updated by Mike Stupalov over 13 years ago
I update to snapshot:
2.0-BETA4 (i386) built on Thu Sep 9 00:41:45 EDT 2010
Now do not work both types FTP (Active, Passive). :(
I disable floating rules, it hasn't helped.
If the information helps, we use gateway groups.
Updated by Mike Stupalov over 13 years ago
Mike Stupalov wrote:
Now do not work both types FTP (Active, Passive). :(
Sorry, I have a little deceived.
All also doesn't work a passive mode. Active - works.
Updated by Mike McLaughlin over 13 years ago
I too see this issue. No passive FTP out from the LAN->WAN works. I just updated to Mon Sep 27 04:12:19 EDT 2010 from a ~ Sep 9 build and am still experiencing the above described issue.
As with the previous poster, I use multi-WAN at this location.
Updated by Mike McLaughlin over 13 years ago
This problem went away within the last 2 days.
Updated by Ermal Luçi over 13 years ago
- Status changed from New to Feedback
This seems to be ok on latest snaps.
Updated by Peter Hinman over 13 years ago
Appears to work for me also. Running 20101108 20:20:58.
I can connect from the LAN to remote FTP servers using PASV.
I can connect from the LAN to the FTP server on OPT1 using PASV
I can connect from the WAN to the FTP server on OPT1 using PASV
Updated by Michel Samovojski over 13 years ago
work for me too.
can connect from the LAN to remote FTP servers using PASV.
Updated by Ermal Luçi over 13 years ago
- Status changed from Feedback to Resolved